﻿using System;
using System.Collections.Generic;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Text;
using FineUIPro;
using KPI_SYSTEM.Code;

namespace KPI_SYSTEM
{
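    /// <summary>
    /// Code-behind for the login page. Checks the recent-failure lockout, verifies the
    /// submitted credentials against USER_DICT, fills the session on success and writes
    /// every attempt for a known account to LOGIN_RECORDS.
    /// </summary>
    public partial class login : PageBase
    {
        /// <summary>Page load handler; no work is done here.</summary>
        protected void Page_Load(object sender, EventArgs e)
        {
        }

        /// <summary>
        /// Handles the login button: enforces the "3 failures in 10 minutes" lockout,
        /// authenticates the user, and records the attempt.
        /// </summary>
        /// <param name="sender">The control that raised the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnLogin_Click(object sender, EventArgs e)
        {
            // The user name comes straight from the request, so it must never reach the
            // SQL text unescaped; every statement below uses the escaped form.
            string account = EscapeSqlLiteral(tbxUserName.Text);

            // Invariant culture keeps the literal in yyyy-MM-dd HH:mm:ss form regardless of
            // the server's regional settings (calendar and time separator).
            string now = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss", System.Globalization.CultureInfo.InvariantCulture);

            int recentFailures = (Int32)SqlHelper.ExecuteScalar(CommandType.Text, "SELECT COUNT(*) FROM LOGIN_RECORDS WHERE LOGIN_ACCOUNT='" + account + "' AND IS_SUCCESS=-1 AND DATEDIFF( Minute, LOGIN_DATE, '" + now + "') <10 ");

            if (recentFailures >= 3)
            {
                ShowNotify("密码错误三次，账号将被锁定10分钟!");
                return;
            }

            // NOTE(review): credentials are matched on PublicMethod.GetMD5Hash output. MD5 is
            // not suitable for password storage (fast to brute-force, and no per-user salt is
            // visible in this call). Moving to a salted, iterated scheme such as PBKDF2
            // (Rfc2898DeriveBytes) needs a schema change outside this block.
            string passwordHash = EscapeSqlLiteral(PublicMethod.GetMD5Hash(tbxPassword.Text));

            // NOTE(review): how GetUserIp derives the address is not visible here; if it reads
            // a forwarded-for style header the value is client-controlled, so both the address
            // and the city derived from it are treated as untrusted text.
            string rawIp = PublicMethod.GetUserIp();
            string clientIp = EscapeSqlLiteral(rawIp);
            string clientCity = EscapeSqlLiteral(PublicMethod.GetCS(rawIp));

            DataTable userRows = SqlHelper.ExecuteDataset(CommandType.Text, "SELECT * FROM  USER_DICT WHERE USER_CODE='" + account + "' AND USER_PASSWORD='" + passwordHash + "'").Tables[0];
            if (userRows.Rows.Count > 0)
            {
                DataRow user = userRows.Rows[0];

                Alert.ShowInTop("成功登录！");

                // NOTE(review): the session identifier is not rotated at this privilege change;
                // consider issuing a fresh session ID on login to rule out session fixation.
                Session["UserID"] = user["REC_ID"].ToString();
                Session["UserCode"] = user["USER_CODE"].ToString();
                Session["RoleID"] = user["USER_ROLE"].ToString();
                Session["UserName"] = user["USER_NAME"].ToString();
                Session["UserType"] = user["USER_TYPE"].ToString();
                Session["UserDept"] = user["USER_DEPT"].ToString();
                Session["UserDingCode"] = user["DING_USER_ID"].ToString();

                SqlHelper.ExecuteNonQuery(CommandType.Text, BuildLoginRecordInsert(now, "1", clientIp, clientCity, account, EscapeSqlLiteral(user["USER_NAME"].ToString())));
                Response.Redirect("index.aspx");
            }
            else
            {
                // Failures are only recorded (and therefore only count towards the lockout)
                // when the account exists.
                DataTable knownUser = SqlHelper.ExecuteDataset(CommandType.Text, "SELECT USER_NAME FROM USER_DICT WHERE USER_CODE='" + account + "'").Tables[0];
                if (knownUser != null && knownUser.Rows.Count > 0)
                {
                    // Stored values are escaped too: a name containing a quote would otherwise
                    // break (or alter) the INSERT even though it came from the database.
                    string displayName = EscapeSqlLiteral(knownUser.Rows[0]["USER_NAME"].ToString());
                    SqlHelper.ExecuteNonQuery(CommandType.Text, BuildLoginRecordInsert(now, "-1", clientIp, clientCity, account, displayName));
                }

                ShowNotify("用户名或密码错误,错误三次账号将被锁定10分钟!");
            }
        }

        /// <summary>
        /// Builds the INSERT statement that records one login attempt in LOGIN_RECORDS.
        /// All text arguments must already be escaped with <see cref="EscapeSqlLiteral"/>.
        /// </summary>
        /// <param name="timestamp">Attempt time as a yyyy-MM-dd HH:mm:ss literal.</param>
        /// <param name="successFlag">"1" for a successful login, "-1" for a failed one.</param>
        /// <param name="ip">Escaped client address.</param>
        /// <param name="ipCity">Escaped city resolved from the client address.</param>
        /// <param name="account">Escaped login account as typed by the user.</param>
        /// <param name="userName">Escaped display name of the account.</param>
        /// <returns>The complete INSERT statement text.</returns>
        private static string BuildLoginRecordInsert(string timestamp, string successFlag, string ip, string ipCity, string account, string userName)
        {
            // LOGIN_PWD is deliberately written as an empty string. The submitted password
            // must not be stored in clear text: successful rows would hold the live password
            // and failed rows typically hold near-misses of it, so anyone able to read this
            // table could take over accounts. The column stays in the list so the statement
            // shape is unchanged.
            return "INSERT INTO LOGIN_RECORDS (LOGIN_DATE,IS_SUCCESS,IP,IP_CITY,LOGIN_ACCOUNT,LOGIN_PWD,REDU_FIELD_1) VALUES ('" + timestamp + "'," + successFlag + ",'" + ip + "','" + ipCity + "','" + account + "','','" + userName + "')";
        }

        /// <summary>
        /// Escapes a value for use inside a single-quoted SQL string literal by doubling
        /// embedded single quotes.
        /// </summary>
        /// <param name="value">Raw text; null is treated as empty.</param>
        /// <returns>The text with every ' replaced by ''.</returns>
        private static string EscapeSqlLiteral(string value)
        {
            // NOTE(review): this is a stop-gap. The proper fix is parameterized commands, but
            // the SqlHelper overloads that accept parameters are not visible from this file.
            // Quote doubling is the literal-escaping rule for T-SQL (the DATEDIFF(Minute, ...)
            // call suggests SQL Server - confirm the target database).
            return string.IsNullOrEmpty(value) ? string.Empty : value.Replace("'", "''");
        }

    }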
}
